Computing devices, such as mobile handsets, are traditionally designed to deliver performance on restricted hardware. Since there is no ‘built-in security’ commonly found on purpose built computers with increased mobility (e.g., smart phones), information stored in the computing devices is much more likely to end up in the wrong hands. Adding smart card readers or expecting users to carry One-Time-Password tokens (OTPs) to use with the computing devices is not realistic. Out-of-band solutions such as SMS or other communications protocols are cumbersome and not user friendly for widespread use. People pick weak passwords that are easy to remember or just easy to type on a handset and voice biometric solutions are expensive and disrupt the user experience. Multilayered security can be achieved by combining three pillars: (i) something you have (e.g., the phone as a token), (ii) something you know (e.g., your PIN), and (iii) something you are (e.g., your physical or behavioral metrics).